Skip to content

Commit

Permalink
fix: manually install detect-secret to manage direct dependency packa…
Browse files Browse the repository at this point in the history
…ges out side Pypi (oscal-compass#28)

Signed-off-by: Takumi Yanagawa <[email protected]>
  • Loading branch information
yana1205 committed Aug 28, 2024
1 parent 952b139 commit cc96401
Show file tree
Hide file tree
Showing 3 changed files with 7 additions and 3 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ jobs:
fetch-depth: 0
- name: Python Semantic Release
id: release
uses: python-semantic-release/[email protected].0
uses: python-semantic-release/[email protected].7
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
- name: Check release
Expand Down
6 changes: 6 additions & 0 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,12 @@ install:
install-dev:
python -m pip install ".[dev]"

# Direct dependency is not allowed for Pypi packaging even if the dependant module is defined as extra dependencies.
# Workaround: Move to manual installation by make
.PHONY: install-detect-descret
install-detect-descret:
python -m pip install detect-secrets@git+https://github.com/ibm/detect-secrets.git@master#egg=detect-secrets

.PHONY: uninstall
uninstall:
python -m pip uninstall compliance-to-policy
Expand Down
2 changes: 0 additions & 2 deletions pyproject.toml
Original file line number Diff line number Diff line change
Expand Up @@ -52,8 +52,6 @@ dev = [
"black",
"isort",
"pylint",
## Security tools
"detect-secrets@git+https://github.com/ibm/detect-secrets.git@master#egg=detect-secrets"
]

[project.urls]
Expand Down

0 comments on commit cc96401

Please sign in to comment.